package com.lhdx.practical.utils;

import org.springframework.web.util.HtmlUtils;
import org.springframework.web.util.JavaScriptUtils;

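/**
 * Output-encoding helpers used to reduce cross-site scripting (XSS) risk when
 * request-supplied values are written back into a page.
 *
 * <p>Each method encodes for one specific output context. Using an encoder in a
 * context it was not written for either corrupts the displayed value or leaves
 * it under-protected, so callers should pick the method by where the value is
 * written, not by where it came from.
 */
public class XssUtils {
    /**
     * Charset name used for URL encoding. Fixed so that the encoded output does
     * not vary with the JVM's platform default charset.
     */
    private static final String URL_ENCODING = "UTF-8";

    /**
     * Escapes a value that arrived as a URL parameter before it is written into a page.
     *
     * <p>The value is JavaScript-escaped first and HTML-escaped second. That order
     * fits a JavaScript string literal that is itself embedded in HTML markup
     * (for example inside an inline event-handler attribute). When the value is
     * written as plain HTML text, the backslash escapes added by the first step
     * are displayed literally; HTML escaping alone is the matching encoder there.
     * This method does not make a value safe to use as a link target; scheme
     * validation is a separate check.
     *
     * @param url the raw parameter value; may be {@code null}
     * @return the escaped value, or {@code null} when {@code url} is {@code null}
     */
    public static String xssChange(String url) {
        if (url == null) {
            return null;
        }
        // Order matters: the JavaScript layer is the innermost context, so it is encoded first.
        String jsEscaped = JavaScriptUtils.javaScriptEscape(url);
        return HtmlUtils.htmlEscape(jsEscaped);
    }

    /**
     * Percent-encodes a string so it can be shown on a page as part of a URL
     * without being interpreted as markup.
     *
     * <p>Encoding follows {@code application/x-www-form-urlencoded} rules with
     * UTF-8, so a space becomes {@code +} and reserved characters such as
     * {@code :}, {@code /}, {@code ?} and {@code &} are encoded as well. Pass a
     * single URL component (typically a query parameter value), not a complete
     * URL, otherwise the URL's own delimiters are encoded too.
     *
     * @param str the raw component value; may be {@code null}
     * @return the encoded value, or {@code null} when {@code str} is {@code null}
     * @throws IllegalStateException if the JVM does not provide UTF-8, which the
     *         Java platform specification rules out
     */
    public static String xssUrlChange(String str) {
        if (str == null) {
            return null;
        }
        try {
            // The deprecated one-argument overload encodes with the platform default
            // charset, so non-ASCII input produced different bytes on different hosts.
            return java.net.URLEncoder.encode(str, URL_ENCODING);
        } catch (java.io.UnsupportedEncodingException e) {
            throw new IllegalStateException("UTF-8 is not available for URL encoding", e);
        }
    }
}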
